IRC log of #maemo for Tuesday, 2014-03-25

*** HylianSavior has quit IRC		00:00
*** HylianSavior has joined #maemo		00:00
*** _rd has joined #maemo		00:01
*** sq-one has quit IRC		00:08
*** lbt_ has joined #maemo		00:11
*** lbt has quit IRC		00:11
*** _rd has quit IRC		00:13
*** fastlane`` has joined #maemo		00:13
*** jon_y_ is now known as jon_y		00:15
*** LauRoman\|Mobile has joined #maemo		00:17
*** fastlane``` has quit IRC		00:18
*** qwqwqwerrr has joined #maemo		00:20
*** cgk_ is now known as gov_		00:21
*** fastlane`` has quit IRC		00:23
*** emma has quit IRC		00:24
*** LauRoman\|Mobile has quit IRC		00:24
*** gov_ is now known as cgk_		00:24
*** cgk_ has quit IRC		00:26
*** pcfe has quit IRC		00:32
*** pcfe has joined #maemo		00:33
*** pcfe has quit IRC		00:33
*** pcfe has joined #maemo		00:33
*** Kabouik has joined #maemo		00:41
*** HylianSavior has quit IRC		00:45
*** monoglets has joined #maemo		01:02
*** child has quit IRC		01:03
*** monoglets has quit IRC		01:08
*** emma has joined #maemo		01:15
*** florian has joined #maemo		01:28
*** arcean has quit IRC		01:31
*** qwqwqwerrr has quit IRC		01:32
*** emma has quit IRC		01:42
*** emma has joined #maemo		01:44
*** florian has quit IRC		01:55
*** pit_fiend has quit IRC		02:08
*** lbt_ has quit IRC		02:08
*** Hurrian has joined #maemo		02:11
*** int_ua has quit IRC		02:17
*** robbiethe1st has joined #maemo		02:29
*** sunny_s has joined #maemo		02:32
*** Kabouik has quit IRC		02:40
*** sunny_s has quit IRC		02:41
*** eMHa__ has joined #maemo		02:47
*** hxka has quit IRC		02:54
*** sequantz has quit IRC		02:56
*** Snafu777 has joined #maemo		03:00
*** RiD has quit IRC		03:16
*** sleepee has joined #maemo		03:16
*** sleepee has quit IRC		03:23
*** lbt_ has joined #maemo		03:29
*** lbt_ has quit IRC		03:29
*** lbt_ has joined #maemo		03:29
*** zero has joined #maemo		03:35
*** zero is now known as Guest54594		03:36
Snafu777	configure: error: OpenSSL version header not found.	03:45
Snafu777	Nokia-N900:~/openssh-6.6p1# dpkg --list \| grep libssl	03:45
Snafu777	ii libssl-dev 0.9.8n-1+maemo4+0m5 SSL development libraries, header files and documentation	03:45
Snafu777	ii libssl0.9.7 1.0 libssl0.9.7	03:45
Snafu777	ii libssl0.9.8 0.9.8n-1+maemo4+0m5 SSL shared libraries	03:45
Snafu777	.....?	03:46
*** Milhouse has quit IRC		03:54
*** qwazix has quit IRC		03:57
*** qwazix has joined #maemo		03:57
*** darkschneider has quit IRC		03:58
Snafu777	Anyone?	03:59
Snafu777	I love you long time	03:59
*** goldkatze has quit IRC		04:00
*** silviof1 has joined #maemo		04:01
*** Milhouse has joined #maemo		04:02
*** silviof has quit IRC		04:04
Maxdamantus	I suspect you'd need openssl 1	04:05
Snafu777	hmm	04:14
Snafu777	pretty sure i got it hang tight	04:14
Snafu777	gotta re-ssh into	04:14
Snafu777	Nokia-N900:~# dpkg --list \| grep ssl	04:16
Snafu777	ii libopenssl-ruby 4.2maemo1 OpenSSL interface for Ruby	04:16
Snafu777	ii libopenssl-ruby1.8 1.8.7.72-3maemo4 OpenSSL interface for Ruby 1.8	04:16
Snafu777	ii libssl-dev 0.9.8n-1+maemo4+0m5 SSL development libraries, header files and documentation	04:16
Snafu777	ii libssl0.9.7 1.0 libssl0.9.7	04:16
Snafu777	ii libssl0.9.8 0.9.8n-1+maemo4+0m5 SSL shared libraries	04:16
Snafu777	ii openssl 0.9.8n-1+maemo4+0m5 Secure Socket Layer (SSL) binary and related cryptographic tools	04:16
Snafu777	ii python-openssl 0.7-2maemo2 Python wrapper around the OpenSSL library	04:16
Snafu777	ii sslstrip 0.9-0maemo1 SSL/TLS man-in-the-middle attack tool	04:16
*** darkschneider has joined #maemo		04:16
Snafu777	Maxdamantus: ideas?	04:22
Maxdamantus	I suspect you'd need openssl 1	04:23
Maxdamantus	It's in a different slot in portage (Gentoo).	04:23
Maxdamantus	so they're basically considered different packages.	04:24
Snafu777	hmm	04:25
Snafu777	gentoo != n900 =/	04:26
Snafu777	Ideas?	04:26
*** mschlens has quit IRC		04:41
*** dos1 has quit IRC		04:43
*** mschlens has joined #maemo		04:44
*** Defiant has quit IRC		04:46
*** Defiant has joined #maemo		04:49
*** MohammadAG has quit IRC		04:53
*** MohammadAG has joined #maemo		04:53
*** nox- has quit IRC		05:06
*** at1as has joined #maemo		05:07
*** robbiethe1st has quit IRC		05:22
*** at1as has quit IRC		05:29
*** hxka has joined #maemo		05:37
Luke-Jr	Snafu777: I run Gentoo on my N900	05:39
Snafu777	heh	05:40
Snafu777	I'm running maemo, and the more I did into it, the more it seems I'm going to have to install openssl from source as well	05:40
Snafu777	This is a frickin nightmare	05:41
Snafu777	I didn't even have this much trouble with curl, and that was a bitch	05:41
Snafu777	How can I find out where the openssl library headers are located at on the n900?	05:41
bef0rd	I don't think headers are on the device, dev repo/packages were meant for scratchbox environment	05:45
bef0rd	dpkg-query -L libssl-dev	05:46
bef0rd	should list all files provided by libssl-dev	05:46
Snafu777	There are definately header files under /usr/include/openssl	05:48
Snafu777	hmm	05:48
Snafu777	Learned a new command today thanks to u bef0rd =)	05:49
Snafu777	dpkg-query -L	05:49
Snafu777	handy	05:49
Snafu777	normally - dpkg -x the file	05:49
Snafu777	and view the contents	05:49
Snafu777	So here is a question while I wait on configure to die or work	05:54
Snafu777	Anyone ever considered using /etc/shadow on the n900?	05:54
Maxdamantus	This is why people shouldn't make phone OSes.	05:58
Maxdamantus	They should just make phone software that runs on normal OSes.	05:58
Snafu777	=)	05:58
Snafu777	No, this is why security should have been incorporated into the phone to begin with	05:59
Snafu777	no /etc/shadow	05:59
Snafu777	DES for the backend	05:59
Snafu777	N900 is a wonder to behold	05:59
Snafu777	The world's smallest handheld pentest device	05:59
Maxdamantus	/etc/shadow is a file used by certain applications.	05:59
Snafu777	Yet vulnerable in ways that should have been BYGONE long ago	06:00
Snafu777	Agreed	06:00
Snafu777	but they didn't incorporate shadowing into the os	06:00
Snafu777	Do you know how easy it would be to pwn this phone ?	06:00
Maxdamantus	Because they didn't include programs that needed it.	06:00
Snafu777	Most of the .debs are outdated on it	06:00
Snafu777	I love my n900, don't get me wrong	06:00
Snafu777	Nods	06:00
Maxdamantus	if you install the sshd from the repository it creates /etc/shadow	06:01
Snafu777	They had security as an afterthought	06:01
Snafu777	sshd from repo does not create /etc/shadow	06:01
Snafu777	unless you are referring to another ssh daemon vs openssh	06:01
Maxdamantus	No, openssh.	06:01
Maxdamantus	maybe it's something special with the application manager then.	06:02
Maxdamantus	I also have the user* programs installed somehow.	06:02
Snafu777	Do you have maemo on your device Maxdamantus ?	06:02
Maxdamantus	Yes.	06:02
*** lxp1 has joined #maemo		06:02
Snafu777	and you have /etc/shadow?	06:02
Maxdamantus	Ah, no, only /etc/passwd	06:02
Maxdamantus	it stores the password in there.	06:03
Snafu777	.	06:03
Snafu777	yes it does	06:03
Snafu777	Like I said, vulnerable as hell	06:03
Maxdamantus	Why?	06:03
Snafu777	/etc/passwd?	06:03
Snafu777	Because it uses DES	06:03
Maxdamantus	Ah, because other people can use it.	06:03
Snafu777	Let alone that it's world readable	06:03
*** lxp has quit IRC		06:03
Maxdamantus	you should be able to use other encryptions .. it's up to libcrypt	06:03
Snafu777	So how do we configure that?	06:04
Snafu777	I don't need to compile pam support into openssh if i can do just that	06:04
*** uen has quit IRC		06:04
Snafu777	but i want to go with PAM to get around the DES issue	06:04
Maxdamantus	just copy the password from another system.	06:05
Maxdamantus	probably the easiest way.	06:05
Snafu777	and get locked out of the system?	06:06
Maxdamantus	(to use something other than DES)	06:06
Snafu777	Wouldn't that snap /etc/passwd?	06:06
Snafu777	I mean I guess i can try real quick	06:06
Snafu777	one sec	06:06
Maxdamantus	mm .. didn't work	06:07
*** uen has joined #maemo		06:08
Snafu777	Definately did not work =9	06:09
Snafu777	Well, I'm going to grab openssl	06:11
Snafu777	compile it	06:11
Snafu777	grab the libraries	06:11
Snafu777	drop them in a custom location on the OS	06:12
Snafu777	see if i can perform a nasty hack	06:12
* Snafu777 <--- wishes he knew more about c++		06:13
Snafu777	The thing to find out is if i compile it when the libraries exist, will it run when the libraries no longer are there	06:14
Snafu777	that way i don't have extraneous files lying about	06:14
Snafu777	Static libraries increase the overall size of the binary, but it means that you don't need to carry along a copy of the library that is being used. As the code is connected at compile time there are not any additional run-time loading costs. The code is simply there.	06:16
Snafu777	And it shall work, and it shall be named George!	06:16
Snafu777	Maxdamantus: Got sshd installed on your n900?	06:17
Maxdamantus	Yes.	06:18
Maxdamantus	openssh	06:18
Snafu777	Want to see the vulnerability I speak of?	06:18
Snafu777	ssh -l root 127.0.0.1	06:18
Snafu777	enter the first eight chars of your root pword	06:18
Snafu777	p00f, you are in	06:18
Snafu777	And did it work?	06:22
DocScrutinizer05	((<Snafu777> no /etc/shadow [2014-03-25 05:00:22] <Snafu777> Do you know how easy it would be to pwn this phone ?)) Nonsense. Maemo is basically a single-user OS. /etc/shadow is meant to defeat threats from legit users that have access to /etc/passwd. Evidently on maemo that makes no sense	06:24
Snafu777	/etc/shadow is meant to defeat threats from non-legit users as well	06:25
DocScrutinizer05	it's just as nonsensical as is the approach to obfuscate your email POP/IMAP passwords in your mail client's config files, to hide them from user	06:26
Maxdamantus	tbh, it should be reasonably secure with a different encryption algorithm.	06:26
DocScrutinizer05	Snafu777: that's bullshit	06:26
Maxdamantus	it looks like libcrypt isn't the normal one used on Linux systems (which is part of glibc)	06:26
Snafu777	DocScrutinizer05: Lets say I get a non privileged user account on a system I am not supposed to have access too	06:26
DocScrutinizer05	Snafu777: you're no supposed to fileshare /etc/passwd to a ftp server	06:27
Snafu777	I can snarf the contents of /etc/passwd	06:27
Snafu777	But i cannot see /etc/shadow	06:27
Snafu777	And windows is bulletproof	06:27
DocScrutinizer05	let's say you say random stuff	06:27
Maxdamantus	it supports md5	06:29
Maxdamantus	though that's considered broken	06:29
DocScrutinizer05	when you make it onto a system that you're not supposed to have any access to, nothing warrants that you can access /etc/password but not /etc/shadow - you shouldn't have access to anything on that system, once you have access it's up to your skills while hacking the system what permissions you hacked for you	06:30
Maxdamantus	I think it needs to be upgraded to support sha.	06:30
Snafu777	DocScrutinizer05: I just think of things like an attacker would	06:30
*** maybeArgh has joined #maemo		06:30
DocScrutinizer05	no, you think of things like a script kiddie would	06:30
Snafu777	Okay, so do you have a sim card in your phone DocScrutinizer05 ?	06:30
Snafu777	I'll assume yes	06:31
Maxdamantus	Yeah, md5 works.	06:32
Maxdamantus	Doesn't let me enter a partial password at least.	06:32
Snafu777	On that thought, do you really trust cell phone companies to provide proper security posturing on their routers to prevent user a from attacking user b on the same subnet	06:32
Snafu777	If you believe that	06:32
DocScrutinizer05	wtf?	06:33
DocScrutinizer05	not interested in that nonsense	06:33
Snafu777	dig @ans2.o1.com o1.com axfr	06:33
Snafu777	There u go	06:33
Snafu777	a major ISP	06:33
Snafu777	So yes, I do care if my phone can be bruteforced via ssh in 72^8 (average password characters of 72 character possibilities, a-z, 1-9 with a 8 char max)	06:34
Maxdamantus	https://gist.githubusercontent.com/Maxdamantus/00aa3766f3d560e8637a/raw/d8ae9d08e27557f1e70c7c296f939a254b84063c/gistfile1.txt	06:34
Snafu777	because the world SUCKS at cyber security	06:34
Maxdamantus	can compile that with -lcrypt	06:34
Snafu777	Cool Maxdamantus I shall check it out	06:34
bef0rd	then don't enable sshd	06:34
*** maybeWTF has quit IRC		06:34
DocScrutinizer05	Snafu777: sorry, you have no decent idea of how to manage a system	06:34
Maxdamantus	then: ./a.out \$1\$$(tr -dc a-zA-Z0-9./ < /dev/urandom \| head -c 8)	06:34
Snafu777	I'm not a sysadmin DocScrutinizer05	06:34
Maxdamantus	There's also a `crypt` command installed, but it doesn't hide the input.	06:35
DocScrutinizer05	obviously	06:35
Snafu777	I get paid to prevent others from breaking in	06:35
DocScrutinizer05	OMG	06:35
Snafu777	Cool Maxdamantus: Glad I at least got one person spun up on the security idea	06:35
Snafu777	=)	06:35
Maxdamantus	well, it's md5, so it's not really secure.	06:35
Snafu777	Still	06:35
Maxdamantus	but it's more secure than DES.	06:35
Snafu777	prevents partial passwords right?	06:35
Maxdamantus	Yes.	06:35
Snafu777	i don't care about the bits and bytes	06:35
Snafu777	just the lack of actually checking for my full password	06:36
Snafu777	they want to bruteforce, go for it	06:36
Snafu777	=)	06:36
DocScrutinizer05	you don't want to allow password auth? fine! forbid it, only allow ssh publey auth	06:36
Maxdamantus	You don't need to brute force if you can see the hash.	06:36
DocScrutinizer05	pubkey even	06:36
Maxdamantus	Well, you need to brute force a bit	06:36
Snafu777	true, but my /etc/passwd isn't visible	06:36
Maxdamantus	but you don't need to try every input: you can generate matches for given hashes in far less time.	06:37
bef0rd	also, changing from DES to anything else will not prevent people from bruteforcing over ssh...	06:37
Snafu777	I didn't say they would bef0rd	06:37
Snafu777	I want to prevent a 72^8 attack	06:37
Snafu777	That's it	06:37
* DocScrutinizer05 headdesks		06:37
Maxdamantus	72^8 = 722204136308736	06:37
Snafu777	yes it does	06:38
Snafu777	however	06:38
Snafu777	It's a phone	06:38
Snafu777	odds are root password is not strong	06:38
Snafu777	due to small keyboard	06:38
Snafu777	Human nature	06:38
Snafu777	etc... blah blah blah	06:38
Snafu777	and most likely a left right or right left cascade	06:38
DocScrutinizer05	>>blah blah blah<< first true statement	06:38
Snafu777	DocScrutinizer05: I'm not trying to butt heads with ya man. U got skills that far surpass me in many respects	06:39
DocScrutinizer05	maemo HAS NO root password, usually	06:39
*** totalizator has quit IRC		06:39
Snafu777	I'm just making a valid point about the in-security that is inherent on the n900	06:39
*** ccxN has quit IRC		06:39
DocScrutinizer05	no, you jave no idea about how n900 aka fremantle works	06:40
DocScrutinizer05	have*	06:40
DocScrutinizer05	you're trying to find the bricks to close the window for good, while letting the door wide open, in your efforts to stop the flood	06:41
Snafu777	I'm just going for the basics of a NIST checklist	06:41
DocScrutinizer05	your checklist doesn't apply to maemo. Evidently	06:42
Snafu777	Agreed, there is no Maemo specific checklist	06:42
DocScrutinizer05	search for Hildon Application Manager on your list. Search for rootsh on your list	06:42
Snafu777	yes i agree	06:42
Snafu777	and i plan to harden my gui launched apps that require root later on	06:43
Snafu777	not sure if i can	06:43
Snafu777	but i read about it somewhere	06:43
Snafu777	and ham i never use	06:43
Snafu777	I hate guis when i can command line something	06:43
Snafu777	I only like guis for stuff i dont want to command line	06:43
DocScrutinizer05	you're giving a 3 (or more?) days live performance of ~xy here	06:43
Snafu777	like launching an evil twin router attack	06:43
Snafu777	I'm just me DocScrutinizer05	06:43
Snafu777	I'll always be me. And I'll always get paid to be me =)	06:43
Snafu777	I have a job that I love very much and it allows me to play with a keyboard.	06:44
Snafu777	How bad can it really be?	06:44
DocScrutinizer05	we're not paid for attending this performance	06:44
Snafu777	Sure you are	06:44
Snafu777	I'm charging you $28 an hour	06:44
DocScrutinizer05	sorry, dude. I have to take care about my logs not getting filled witj noise	06:45
*** SAiF has quit IRC		06:45
*** SAiF has joined #maemo		06:47
*** hxka has quit IRC		06:49
Snafu777	Welp, off to bed	07:02
Snafu777	Goodnight world	07:03
Snafu777	gotta get a goodnights sleep. Picking up a truckload of bricks tomorrow at home depot. Got a big window I'm building a frame around tomorrow	07:03
*** Snafu777 has quit IRC		07:03
*** kwtm2 has joined #maemo		07:05
*** ccxN has joined #maemo		07:06
DocScrutinizer05	my N900 have exactly one open port. While it's the ssh service running on that port, it's not port 22. So no matter where I'm roaming with my N900, the likelihood that somebody would find out about that open port and try a brute force attack on it is minimal. At home my N900 is behind my local NAT and thus not reachable from global internet anyway, only locally. When somebody actually would find out about that port where my sshd runs	07:07
DocScrutinizer05	while I'm roaming on 3G and would start a brute force attack, I'd feel pretty pissed about my battery going flatline or my /var/log/syslog clogging rootfs and this bringing system to a grinding halt - whatever will happen first. Way before that brute force attack will notice that not a single of the usernames they come up with has a valid password auth to log in via ssh	07:07
DocScrutinizer05	and nota bene standard default fremantle has no sshd running at all, so in the end it's *you, the user, who ruined security when you configure an insecure sshd and make it run all the time on your N900	07:08
DocScrutinizer05	and all of that becomes totally irrelevant anyway, as soon as you ignore all good advice and best practice and do a dozen things strictly deprecated on either any system (installing packages not meant for that platform) or particularly on that system (not using HAM and rather doing everything via dpkg. OMG). All perceived security flaws after doing such mayham to maemo are not worth a single line in IRC to discuss how to fix them, since	07:18
DocScrutinizer05	they shouldn't be there to start with	07:18
*** totalizator has joined #maemo		07:23
*** silviof1 is now known as silviof		07:47
*** VDVsx has quit IRC		07:59
*** maybeArgh has quit IRC		08:13
*** maybeHere has joined #maemo		08:23
*** sunny_s has joined #maemo		08:23
*** VDVsx has joined #maemo		08:27
*** heroux has quit IRC		08:30
*** _rd has joined #maemo		08:32
*** bef0rd has quit IRC		08:44
*** _rd has quit IRC		08:47
*** _rd has joined #maemo		08:47
*** SAiF_ has joined #maemo		08:52
*** florian has joined #maemo		08:53
*** SAiF has quit IRC		08:53
*** jormungandr has joined #maemo		08:55
*** Guest54594 has quit IRC		08:57
*** ebzzry_ has quit IRC		09:14
triggerhappy	/clear/clear	09:16
*** florian has quit IRC		09:18
*** florian has joined #maemo		09:18
*** _rd has quit IRC		09:27
*** SAiF_ has quit IRC		09:29
*** SAiF has joined #maemo		09:35
*** florian has quit IRC		09:39
*** cypherc has quit IRC		09:43
*** _rd has joined #maemo		09:45
*** kolp has joined #maemo		09:49
*** SAiF has quit IRC		10:01
*** SAiF has joined #maemo		10:05
*** eMHa__ has quit IRC		10:11
*** _rd has quit IRC		10:25
*** kwtm2 has quit IRC		10:27
*** kwtm2 has joined #maemo		10:27
*** stef_204 has joined #maemo		10:28
*** cypherc has joined #maemo		10:29
*** goldkatze has joined #maemo		10:30
Ashley`	well. i guess there is a bug in lockscreen. it checks only first ten numbers	10:30
Ashley`	first nine*	10:31
*** florian has joined #maemo		10:31
*** Kabouik has joined #maemo		10:33
*** stef_204 has quit IRC		10:36
Ashley`	oh.	10:46
Ashley`	it's fucked up even more	10:46
Ashley`	only a few first letters need to be true	10:46
Ashley`	i'll investigate it at home :P	10:48
*** cityLights has joined #maemo		10:49
*** protem has quit IRC		10:52
*** geaaru has joined #maemo		10:57
*** triggerhappy has left #maemo		10:58
*** triggerhappy has joined #maemo		10:58
*** mavhc has quit IRC		11:01
Raimu	D:	11:03
*** trx has quit IRC		11:10
*** AD-N770 has joined #maemo		11:20
*** fizzie has quit IRC		11:23
*** Hurrian has quit IRC		11:23
*** auenfx4 has quit IRC		11:26
*** auenf has joined #maemo		11:29
*** auenf has quit IRC		11:32
*** Gatta_Negra has joined #maemo		11:33
*** auenf has joined #maemo		11:33
*** dhbiker has quit IRC		11:34
*** dhbiker has joined #maemo		11:34
*** mvp has joined #maemo		11:34
*** geaaru has quit IRC		11:42
*** _rd has joined #maemo		11:42
*** fizzie has joined #maemo		11:44
*** kwtm2 has quit IRC		11:51
*** Hurrian has joined #maemo		11:52
*** geaaru has joined #maemo		11:53
*** cgk has joined #maemo		11:57
*** ccxN has quit IRC		12:07
*** _rd has quit IRC		12:07
*** _rd has joined #maemo		12:07
*** cgk has quit IRC		12:13
*** cgk has joined #maemo		12:13
*** Hurrian has quit IRC		12:13
*** SAiF has quit IRC		12:16
*** cgk has quit IRC		12:16
*** cgk_ has joined #maemo		12:16
*** SAiF has joined #maemo		12:17
*** cgk_ has quit IRC		12:19
DocScrutinizer05	I'd not be surprised to find the lockscreen password limited to 5 chars	12:20
DocScrutinizer05	heck, my credit card password is limited to 4	12:21
*** lbt_ has quit IRC		12:26
joga	I at least have 6..	12:26
*** lbt_ has joined #maemo		12:26
joga	or, uh, you mean the "Enter lock code" screen or something else?	12:26
*** qwqwqwerrr has joined #maemo		12:34
*** kwtm2 has joined #maemo		12:35
*** _rd has quit IRC		12:37
*** trx has joined #maemo		12:43
DocScrutinizer05	yes, enter lock code screen (which I never seen in my life so far ;-D )	12:56
DocScrutinizer05	default lockcode is "12345"	12:57
DocScrutinizer05	I'd guess that's the fixed length this "password" has to be, according to the coder who built lockscreen	12:58
*** eMHa__ has joined #maemo		13:04
*** LauRoman has joined #maemo		13:06
*** lizardo has joined #maemo		13:07
*** kwtm2 has quit IRC		13:19
*** SAiF has quit IRC		13:25
*** SAiF has joined #maemo		13:27
fizzie	DocScrutinizer05: It goes up to 8. (Or, rather, it accepts input up to 10, but only the first 8 digits are meaningful.)	13:39
*** at1as has joined #maemo		13:40
DocScrutinizer05	that's pretty in line with the hash/crypt() funtion used for passwd hashes	13:40
*** at1as has quit IRC		13:49
*** VDVsx has quit IRC		13:59
*** VDVsx has joined #maemo		14:00
*** NIN101 has joined #maemo		14:02
*** qwqwqwerrr has quit IRC		14:03
*** SmilyOrg has joined #maemo		14:13
*** Smily has quit IRC		14:17
*** ebzzry_ has joined #maemo		14:32
*** kolp has quit IRC		14:32
*** _rd has joined #maemo		14:35
*** sunny_s has quit IRC		14:37
*** dos1 has joined #maemo		14:50
*** _rd has quit IRC		14:51
*** Kabouik has quit IRC		14:52
*** fortytwo has quit IRC		14:52
*** Kabouik has joined #maemo		14:52
*** hxka has joined #maemo		14:52
*** fortytwo has joined #maemo		14:53
*** xjiujiu has joined #maemo		14:55
*** heroux has joined #maemo		14:55
*** heroux has quit IRC		15:01
*** heroux has joined #maemo		15:02
*** lbt_ is now known as lbt		15:09
*** Hurrian has joined #maemo		15:14
*** Venusaur has quit IRC		15:18
*** Venusaur has joined #maemo		15:19
*** Hurrian has quit IRC		15:19
*** darkschneider has quit IRC		15:21
*** darkschneider has joined #maemo		15:22
*** heroux has quit IRC		15:24
*** heroux has joined #maemo		15:28
*** FReaper-PC has joined #maemo		15:40
*** FlameReaper-PC has quit IRC		15:42
*** newbie\|2 has joined #maemo		15:47
*** newbie\|2 is now known as Snafu777		15:47
* Snafu777 hugs DocScrutinizer05		15:47
Snafu777	chpassword -m	15:47
Snafu777	user:password	15:47
Snafu777	crtl+d	15:47
Snafu777	problem fixed	15:48
*** trumee has quit IRC		15:49
Snafu777	chpasswd rather	15:49
Snafu777	not chpassword	15:49
*** trumee has joined #maemo		15:53
*** edheldil has quit IRC		15:56
*** edheldil has joined #maemo		15:59
*** Venusaur has quit IRC		16:01
*** konelix has joined #maemo		16:21
*** at1as has joined #maemo		16:23
*** _rd has joined #maemo		16:29
silviof	Snafu777: for scripts 'echo "user:password" \| chpasswd' is very usefull :-)	16:31
*** xjiujiu has quit IRC		16:32
Ashley`	DocScrutinizer05: 5 numbers are enough to stop dumb friends from changing language to chinese :P	16:32
Snafu777	silviof: interesting	16:35
Snafu777	silviof: Main reason i threw that out there is that by default, maemo uses DES, and on ssh only 8 chars is needed for password	16:36
Snafu777	a security risk i think	16:36
*** RiD has joined #maemo		16:36
*** hxka has quit IRC		16:38
Snafu777	What I would like to find out is: what file in the system controls des vs md5 for maemo for passwd	16:38
DocScrutinizer05	and honestly that's all the devicelock been meant for	16:38
silviof	Snafu777: yes, if it so that this is ugly. But you can set some nerv-parameters on sshd_config. like LoginGraceTime snd so	16:39
Snafu777	Agreed, but i'm not trying to harden sshd	16:39
Snafu777	I was trying to find a workaround for the des issue	16:39
*** _rd has quit IRC		16:41
*** _rd has joined #maemo		16:42
Snafu777	So does anyone know that specific file that maemo uses, or is this some hardcode by default thing?	16:43
warfare	Snafu777: /etc/pam.d/common-password?	16:53
Snafu777	password required pam_unix.so nullok obscure md5	16:56
*** VDVsx has quit IRC		16:56
*** Snafu777 has quit IRC		16:56
*** LjL has quit IRC		16:56
*** newbie\|2 has joined #maemo		16:58
*** newbie\|2 is now known as Snafu777		16:58
*** _rd has quit IRC		17:02
DocScrutinizer05	warfare: hmm, on maemo?	17:05
DocScrutinizer05	IroN900:~# ll /etc/pam*	17:05
DocScrutinizer05	ls: Zugriff auf /etc/pam* nicht möglich: No such file or directory	17:05
*** konelix_ has joined #maemo		17:06
*** konelix has quit IRC		17:08
*** at1as has quit IRC		17:11
*** _rd has joined #maemo		17:11
*** peetah has quit IRC		17:12
*** RiD has quit IRC		17:13
*** t3st3r has quit IRC		17:14
*** peetah has joined #maemo		17:14
*** t3st3r has joined #maemo		17:15
*** RiD has joined #maemo		17:16
*** florian has quit IRC		17:16
warfare	DocScrutinizer05: my n900 has them. Belongs to libpam-runtime.	17:17
DocScrutinizer05	iirc optification came with PR1.2. Before that Nokia tried to cram all binaries into the 240MB rootfs, which probably made them a tad stingy regarding feature-richness of of the system	17:18
DocScrutinizer05	weird	17:18
DocScrutinizer05	IroN900:~# find /lib/ /usr/lib -name 'pam';echo $?	17:19
bencoh	a little bit :)	17:19
DocScrutinizer05	0	17:19
DocScrutinizer05	IroN900:~# apt-cache policy libpam-runtime	17:21
DocScrutinizer05	libpam-runtime:	17:21
DocScrutinizer05	Installed: (none)	17:21
DocScrutinizer05	Candidate: 1.0.1-maemo3	17:21
DocScrutinizer05	Version table:	17:21
DocScrutinizer05	1.0.1-maemo3 0	17:21
DocScrutinizer05	500 http://repository.maemo.org fremantle-1.3/free Packages	17:21
*** _rd has quit IRC		17:22
DocScrutinizer05	I wonder what's the use of libpam when the executables don't use it	17:22
DocScrutinizer05	IroN900:~# apt-cache policy passwd	17:23
DocScrutinizer05	passwd:	17:23
DocScrutinizer05	Installed: 1:4.0.18.1-7+etch1maemo1.m5	17:23
DocScrutinizer05	Candidate: 1:4.0.18.1-7+etch1maemo1.m5	17:23
DocScrutinizer05	Version table:	17:23
DocScrutinizer05	*** 1:4.0.18.1-7+etch1maemo1.m5 0	17:23
DocScrutinizer05	500 https://downloads.maemo.nokia.com ./ Packages	17:23
warfare	ah, libpam-runtime gets pulled in through cvs, which gets pulled in through git-cvs which is depended on by git.	17:25
Snafu777	Well I'm glad I was able to spark something. Even if I have no idea what ya'll are discussing as I don't do linux security =)	17:26
warfare	Snafu777: we were just wondering why some of us have /etc/pam.d and others don't.	17:26
*** mvp has quit IRC		17:27
bencoh	git-cvs depended on by git ?	17:27
bencoh	hmm	17:27
*** _rd has joined #maemo		17:32
*** ssvb has quit IRC		17:34
*** sequantz has joined #maemo		17:38
*** jormungandr has quit IRC		17:41
*** RiD has quit IRC		17:42
*** ssvb has joined #maemo		17:48
*** AD-N770 has quit IRC		17:53
*** AD-N770 has joined #maemo		17:53
*** theblackcrow1 has joined #maemo		18:04
*** konelix has joined #maemo		18:04
*** konelix_ has quit IRC		18:06
theblackcrow1	hello, i found the widget desktop-cmd, which fullfills my needs. but if it's installed, there are tapping errors on the whole display widgets and icons. has anyone an alternative for me?	18:06
*** cypherc has quit IRC		18:07
*** zGrr has joined #maemo		18:08
zGrr	moin :)	18:09
Apic	Hi	18:11
*** messerting has joined #maemo		18:15
*** konelix__ has joined #maemo		18:19
*** japa-fi has joined #maemo		18:20
*** konelix has quit IRC		18:23
*** _rd has quit IRC		18:32
*** konelix has joined #maemo		18:37
*** konelix__ has quit IRC		18:40
*** cypherc has joined #maemo		18:44
DocScrutinizer05	I'm not available for council meeting tonight	18:47
DocScrutinizer05	theblackcrow1: queenbeecon	18:49
DocScrutinizer05	theblackcrow1: though I never had problems with cmd execution widget	18:50
DocScrutinizer05	theblackcrow1: while queenbeecon is overkill and a real pita to configure, thanks to a zillion options. Well, test it, you might love it	18:51
*** arcean has joined #maemo		18:52
bencoh	talking about queenbeecon, does hildon-desktop properly handle desktop widgets with desktop refresh (as in queenbeecon for instance) and locked/inactive screen ?	18:53
bencoh	it feels like it just sucks battery	18:53
bencoh	and I suspect a few flows in hildon-desktop code regarding this part, though I'm not sure :)	18:54
theblackcrow1	DocScrutinizer05: thanks, i'll try it :)	18:55
*** SAiF has quit IRC		18:55
*** VDVsx has joined #maemo		18:59
*** SmilyOrg is now known as Smily		19:04
*** cypherc has quit IRC		19:05
theblackcrow1	DocScrutinizer05: thanks, queen-beecon works very nice (until now) and wow, much to configure!	19:11
*** raccoon- has joined #maemo		19:11
*** hxka has joined #maemo		19:17
*** Gadgetoid has left #maemo		19:33
*** sq-one has joined #maemo		19:52
*** kwtm has joined #maemo		19:57
*** AD-N770 has quit IRC		20:06
*** Gatta_Negra has quit IRC		20:18
*** zGrr has quit IRC		20:21
*** Kabouik has quit IRC		20:25
*** APTX_ has joined #maemo		20:41
*** Kabouik has joined #maemo		20:43
*** florian has joined #maemo		20:45
*** githogori has quit IRC		21:02
*** andre___ has quit IRC		21:03
*** RiD has joined #maemo		21:11
*** at1as has joined #maemo		21:20
*** _rd has joined #maemo		21:21
*** pcfe has quit IRC		21:33
*** pcfe has joined #maemo		21:33
*** pcfe has quit IRC		21:33
*** pcfe has joined #maemo		21:33
*** kwtm1 has joined #maemo		21:34
*** konelix has quit IRC		21:36
*** kwtm has quit IRC		21:38
*** kwtm2 has joined #maemo		21:41
*** mavhc has joined #maemo		21:43
*** Gadgetoid has joined #maemo		21:46
*** valerius has quit IRC		22:13
*** valeriusL has quit IRC		22:14
*** valeriusL has joined #maemo		22:26
*** valerius has joined #maemo		22:28
*** sunny_s has joined #maemo		22:38
*** andre__ has joined #maemo		22:47
*** lbt has quit IRC		22:51
*** dhbiker has quit IRC		22:51
*** dhbiker has joined #maemo		22:53
*** kwtm2 has quit IRC		22:59
*** _rd has quit IRC		23:05
*** Snafu777 has quit IRC		23:07
*** valerius has quit IRC		23:16
*** valeriusL has quit IRC		23:17
*** M4rtinK has joined #maemo		23:21
*** kwtm has joined #maemo		23:21
*** kwtm1 has quit IRC		23:24
*** NIN101 has quit IRC		23:25
*** andre__ has quit IRC		23:26
*** valeriusL has joined #maemo		23:30
*** valerius has joined #maemo		23:31
*** g3kk3r_ has quit IRC		23:32
*** g3kk3r has joined #maemo		23:32
*** lizardo has quit IRC		23:35
*** yosafbridge has quit IRC		23:41
*** yosafbridge has joined #maemo		23:42
*** Scorcerer has quit IRC		23:44
*** till has quit IRC		23:45
*** r00t^home has quit IRC		23:45
*** till has joined #maemo		23:46
*** Scorcerer has joined #maemo		23:47
*** Mekkis has quit IRC		23:47
*** APTX\| has joined #maemo		23:47
*** APTX\|_ has joined #maemo		23:47
*** raccoon- has quit IRC		23:47
*** APTX_ has quit IRC		23:47
*** APTX has quit IRC		23:47
*** raccoon- has joined #maemo		23:48
*** Mekkis has joined #maemo		23:49
*** r00t^home has joined #maemo		23:50
*** at1as has quit IRC		23:54
*** messerting has quit IRC		23:59

Generated by irclog2html.py 2.15.1 by Marius Gedminas - find it at mg.pov.lt!